Well, I've just reverted to the old way of working, where web applications have
to login as well. Almost a week of searching on the web and in forums has only
yielded scattered information that didn't prove to work.
Thanks, for everyone who may have given this issue some thought. But the lack
After searching some more, I stumbled upon the reference to
'unauthenticatedPrincipal'. I installed a new version of XDoclet and had this
line added to jboss.xml.
?xml version=1.0 encoding=UTF-8?
| !DOCTYPE jboss PUBLIC -//JBoss//DTD JBOSS 3.0//EN
http://www.jboss.org/j2ee/dtd/jboss_3_0.dtd;
Read the unauthenticatedIdentity option on the jboss login modules. This
combined with unchecked method permissions on the local interfaces will allow
for unrestricted local access and secured remote access.
View the original post :
Hi Scott,
Thanks for your reply. However, I'm missing some essential bit of information
to understand the problem. I've read about unauthenticatedIdentity and
unauthenticatedPrincipal, but tweaking with these has not led to solving the
issue: I keep getting the checkSecurityAssociation ...
OK, that piece of XML is totally incorrect, but this
application-policy name=appnetauth
|authentication
| login-module
code=mt.com.vodafone.appnet.jaas.JBossAppnetLoginModule
| flag=required
| module-option